Bitrefill pins extensive purchase record-exposing hack on Lazarus Group

North Korean hacking collective Lazarus Group has been blamed by cryptocurrency e-commerce platform Bitrefill for a cyberattack against portions of its infrastructure earlier this month, which led to the theft of 18,500 purchase records, reports CoinDesk.

Infiltration of Bitrefill's infrastructure following the breach of an employee's laptop on Mar. 1 enabled threat actors to drain hot wallets, exploit supply chains and gift card inventory, and expose purchase records with email and payment addresses, as well as IP addresses. Bitrefill has informed affected victims and announced that it will cover losses from operational capital. Investigation of the breach is ongoing with the aid of on-chain analysts, law enforcement, security researchers, and incident response teams.

Suspicion of Lazarus stemmed from on-chain tracing, reused IP and email addresses, and malware, which were similar to methods seen in attacks linked to the gang. Atomic Wallet, Ronin Network, WazirX, and Harmony's Horizon Bridge are some of the crypto projects previously attacked by Lazarus.
